Executes the following shell scripts:
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
- /system/bin/sh -c getprop
- /system/bin/sh -c type su
- chmod 755 <Package Folder>/.jiagu/libjiagu-147729921.so
- getprop
- ls -l /system/bin/su
- ls /sys/class/thermal
Loads the following dynamic libraries:
- Bugly
- cipher
- fraudmetrix
- libjiagu-147729921
Uses the following algorithms to encrypt data:
- AES-GCM-NoPadding
- RSA-ECB-PKCS1Padding
Uses the following algorithms to decrypt data:
Accesses the ITelephony private interface.
Uses special library to hide executable bytecode.
Gets information about location.
Gets information about network.
Gets information about phone status (number, IMEI, etc.).